Open clementvp opened 7 months ago
@clementvp Do you think you could implement this feature? We already implemented the base for the identity provider. We'd be so glad if you could build it and create a Pull Request. Thank you in advance.
Has there been any progress on this front? If I want to make Cognito a SAML relay to Azure Entra ID, what components should be updated? I've modified the Cognito user pool and updated the API Gateway to use the new ClientID, but I'm still getting the old ID showing up in the web requests.
@Park646 CC: @clementvp Would you mind checking the file, please? `cdk/lib/constructs/auth.ts` `cdk/lib/utils/identity-provider.ts`
Thanks, we ended up just modifying the app.tsx file and rebuilding the React application, along with some manual configuration of Cognito to utilize SAML. Here is the modification to the `frontend/src/app.tsx` file. Replace the Hosted UI domain and redirect URL. We used the Hosted UI domain link to get SSO pass-through.
```tsx
Amplify.configure({
  Auth: {
    userPoolId: import.meta.env.VITE_APP_USER_POOL_ID,
    userPoolWebClientId: import.meta.env.VITE_APP_USER_POOL_CLIENT_ID,
    authenticationFlowType: 'USER_SRP_AUTH',
    oauth: {
      domain: "HOSTED_UI_DOMAIN.auth.us-west-2.amazoncognito.com",
      scope: ['openid', 'email', 'aws.cognito.signin.user.admin'],
      redirectSignIn: 'REDIRECT_URL',
      redirectSignOut: '',
      responseType: 'token',
    },
  },
});
```
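A pre-deploy check for the `oauth` block in the comment above, as an added example that is not part of the original thread or the project's code. The function names, the rule set and the sample values (`example-pool`, `app.example.com`) are assumptions made for illustration.

```typescript
// Added example, not the project's code. Field names follow the snippet above;
// the rules and the sample values below are constructed for illustration.
interface OAuthConfig {
  domain: string;
  scope: string[];
  redirectSignIn: string;
  redirectSignOut: string;
  responseType: string;
}

// Web callbacks: https everywhere, plain http only for localhost development.
function isAllowedRedirect(url: string): boolean {
  return /^https:\/\/[^\s\/]+/.test(url) || /^http:\/\/localhost(:\d+)?(\/|$)/.test(url);
}

function lintOAuth(cfg: OAuthConfig): string[] {
  const findings: string[] = [];
  // A bare lowercase hostname: catches leftover placeholders, schemes and paths.
  if (!/^[a-z0-9-]+(\.[a-z0-9-]+)+$/.test(cfg.domain)) {
    findings.push('domain: expected a bare hostname, got "' + cfg.domain + '"');
  }
  if (!isAllowedRedirect(cfg.redirectSignIn)) {
    findings.push('redirectSignIn: not an https (or http://localhost) URL');
  }
  if (!isAllowedRedirect(cfg.redirectSignOut)) {
    findings.push('redirectSignOut: not an https (or http://localhost) URL');
  }
  if (cfg.responseType === 'token') {
    findings.push("responseType: 'token' returns tokens in the URL fragment; 'code' avoids that");
  }
  if (cfg.scope.indexOf('openid') === -1) {
    findings.push("scope: 'openid' is missing, so no ID token is issued");
  }
  return findings;
}

// Constructed inputs: the snippet with its placeholders, then a filled-in variant.
const asPosted: OAuthConfig = {
  domain: 'HOSTED_UI_DOMAIN.auth.us-west-2.amazoncognito.com',
  scope: ['openid', 'email', 'aws.cognito.signin.user.admin'],
  redirectSignIn: 'REDIRECT_URL', redirectSignOut: '', responseType: 'token',
};
const filledIn: OAuthConfig = {
  ...asPosted, domain: 'example-pool.auth.us-west-2.amazoncognito.com',
  redirectSignIn: 'https://app.example.com/', redirectSignOut: 'https://app.example.com/',
  responseType: 'code',
};
console.log(lintOAuth(asPosted));  // four findings
console.log(lintOAuth(filledIn));  // no findings
```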
Describe the solution you'd like
A way to declare a SAML authentication provider inside the project.
Why the solution needed
I need to plug an Azure AD as an authentication provider inside the project. I need my users to be authenticated through SSO Azure AD.
Additional context
AWS complete beginner here.
Implementation feasibility
Are you willing to discuss the solution with us, decide on the approach, and assist with the implementation?